charter-of-trust.com | #Charter of Trust

Charter of Truston Cybersecurity

April 2019Page 2

Digitalizationcreates

opportunities and risks

… and risksExposure to malicious cyber attacks is also growing dramatically, putting our lives and the stability of our society at risk

Digitalization creates …

April 2019Page 3

Opportunities

Blue BoxingCryptovirologyAOHell

Level Seven Crew hackDenial-of-service attacks

Cloudbleed

sl1nk SCADA hacks Meltdown/Spectre

AT&T Hack Morris Worm Melissa Worm ILOVEYOUWannaCry

NotPetya

HeartbleedIndustroyer/Chrashoverride

Stuxnet

2000 2004 2008 2012 2016 202019961988 1992

Billions of devices are being connectedby the Internet of Things, and are the backbone of our infrastructure and economy

50.1B (2020)

IoT Inception (2009) 8.7B (2012)

11.2B (2013)

14.2B (2014)

18.2B (2015)

22.9B (2016)

28.4B (2017)

42.1B (2019)

0.5B (2003)

Connected Systems

Connected Facilities/Plant/Site

Connected Products

34.8B (2018)

Billion of Devices

And it‘s common truth

April 2019Page 4

We can’t expect people to actively support the digital transformation if we cannot TRUST in the security of data and networked systems.

April 2019Page 5

That’s why together with strong partners we have signed a “Charter of Trust” –aiming at three important objectives

1. Protect the data of individuals and companies

2. Prevent damage to people, companies and infrastructures

3. Create a reliable foundation on which confidence in a networked, digital world can take root and grow

And we came up withten key principles

April 2019Page 6

01 Ownership of cyberand IT security

02 Responsibility throughout the digital supply chain

03 Security by default

04 User-centricity

05 Innovation and co-creation

06 Education

07 Certification for critical infrastructure and solutions

08 Transparency and response

09 Regulatory framework

10 Joint initiatives

And we bring them to life as

Principle 1 — Ownership of cyber and IT security

Concrete implementation steps at Siemens

In January 2018 we established a new Cybersecurity unit headed by Natalia Oropeza, our new Chief Cybersecurity Officer (CCSO). In this function, she reports directly to the Managing Board of Siemens AG. With this new position we’re fulfilling one of our requirements in the Charter of Trust.

“Cybersecurity is more than a challenge. It’s a huge opportunity. By setting standards with a dedicated and global team to make the digital world more secure, we are investing in the world's most valuable resource: TRUST.

Our concrete answers to today’s upcoming Cybersecurity issues and our proposals for more advanced Cybersecurity rules and standards are invaluable to our partners, stakeholders and societies around the world. That is what we call “ingenuity at work.”

Natalia Oropeza,Chief Cybersecurity Officer, Siemens AG

April 2019Page 7

01

For our society, customers and Siemens, we are

the trusted partner in the digital world

by providing industry leading cybersecurity

Together we make cybersecurity real – because it matters

Our Vision

Our Holisticapproach

Our Siemens approach for a newCybersecurity organization

Protection of our IT and OT Infrastructure

Protection of our products, solutions and services

Enable cyber solutions for our business

And we bring them to life as

April 2019Page 8

Concrete implementation steps at Siemens

Siemens provides a multi-layer concept that gives plants both all-round and in-depth protection

Know-how andcopy protection

Authentication and user management

Firewall and VPN(Virtual Privat Network)

System hardening and continuous monitoring

02

The Siemens security conceptdefense-in-depth

Principle 2 — Responsibility throughout the digital supply chain

Concrete implementation steps with the CoT partners

With our partners, we are defining a list of minimum security requirements for all players in the supply chain, and effective mechanisms that can support their implementation

Nevertheless

April 2019Page 9

“We can’t do it alone. It's high time we act – together with strong partners who are leaders in their markets.”

Joe KaeserInitiator of the Charter of Trust

April 2019Page 10

Together we strongly believe─ Effective cybersecurity is a precondition for

an open, fair and successful digital future

─ By adhering to and promoting our principles,we are creating a foundation of trust for all

charter-of-trust.comAs a credible and reliable voice, we collaborate with key stakeholders to achieve trust in cybersecurity for global citizens.

April 2019Page 11

Be part of a network that does not only sign, but collaborates on Cybersecurity!

Let us be your trusted partners for cybersecurityand digitalization

Together we will improve our technology, peopleand processes

Join us by following our principles and making the digital world more secure

If you have questions on ourCharter of Trust on Cybersecurity

April 2019Page 12

please contact us

Chief Cybersecurity Officer (CCSO)of Siemens AGNatalia Gutierrez Oropezanatalia.oropeza@siemens.com

“Charter of Trust“ initiativeEva Schulz-Kammeva.schulz-kamm@siemens.com

Global coordinator of the “Charter of Trust“ initiativeKai Hermsenkai.hermsen@siemens.com

Contact on CoT communications Johannes von Karczewskijohannes.karczewski@siemens.com